Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2021-40150

Published: 17/07/2022 Updated: 22/07/2022
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

The web server of the E1 Zoom camera up to and including 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

reolink e1_zoom_firmware

Vendor Advisories

Check Point Security Alerts: Reolink E1 Zoom Information Disclosure (CVE-2021-40149; CVE-2021-40150)
Check Point Reference: CPAI-2021-2143 Date Published: 4 Apr 2024 Severity: High ...

References

CWE-552https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2021-40150.txthttps://nvd.nist.govhttps://advisories.checkpoint.com/defense/advisories/public/2024/cpai-2021-2143.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middlecommand injectionCVE-2021-47511CVE-2024-26238CVE-2024-4858CVE-2024-21305XXECVE-2021-47555CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook